Why The Tech Industry Should Be Furious About NSA's Over Surveillance

from the it'll-hit-their-bottom-lines dept

We've already pointed out how some tech companies, including Yahoo!, Google and Twitter have fought back against overly intrusive attempts at government surveillance (though, they often lose), and there's been some discussion about how these companies are fighting to protect their users' privacy. There's a further reason why all of the tech industry should be speaking out against NSA surveillance. Beyond just being the right thing to do to protect your users' privacy, it's likely that it also improves their bottom line. We're already starting to see the fallout from the revelations of the NSA being able to scoop up data from various tech companies, and it's going to be harmful to their revenue.

Right after the initial NSA leaks came out, David Kirkpatrick quickly wrote about how the Obama administration appeared to be sacrificing the US internet industry in a weak attempt at trying to increase security (despite no evidence that it's actually done that). The global implications of the NSA spying aren't hard to figure out -- especially when looking at how many people around the globe use these services:

It's quite possible that Obama has undermined the effectiveness and attractiveness for political speech and protest of what have been the most potent communications tools for activism in history. Political and commercial opponents of the U.S. in every country as well as governments themselves will likely alert citizens to the potential that U.S. companies could pass their info back to US authorities. This will seriously conflict with these companies' aim to maintain their platforms as neutral global environments. It could dramatically slow their global growth.

[....] Do we really want to impair such powerful tools for spreading dialogue, political discourse, and U.S. values? Is it worthwhile to impair the extraordinary financial and commercial success of these great flagships for the American economy? Does Obama want Facebook et al just to be seen as tools of American power? That is certainly not the way the average user in Bolivia sees it. They see it as a tool of their own personal power, and they don't want governments interfering with that.

Further, he points out, this will likely drive users to foreign corporations, rather than American ones, as they strive to protect their privacy:

Don't believe there are not alternatives to the U.S. Net collossi. Companies worldwide are already relentlessly working on alternatives. The second largest search service worldwide is China's Baidu, with more than 8% of searches globally at the end of last year according to ComScore. Russia's Yandex is at close to 3%, more than Microsoft's own search product. In social networking, China's Tencent has had a stunning recent success with its WeChat product, which by some counts has over 450 million users worldwide, including many tens of millions outside China. Most major Chinese Internet companies have global ambitions.

Kirkpatrick was focusing more on the consumer side, and the importance of using these tools for open and free communication. But the same issues clearly impact the business side as well. As CFO.com recently, noted, companies are gong to be a lot less trusting of US-based cloud computing companies because of these leaks. Exposing the key info to governments is a real risk:

At the end of the day, if you have mission critical data and information in the possession of a third party service provider - Cloud or otherwise – the assumption that your provider will be in full control over their environments may be drawn unto doubt. As a CFO, it is prudent to consider your next steps very carefully to ensure that your intellectual property and trade secrets do not become the assets of others.

Given the suggestions that the US government has used this surveillance as a form of economic espionage, these fears seem quite well grounded. Foreign companies are now going to be a lot less interested in using the services of American companies.

And this isn't a theoretical problem either. Sweden just issued a ruling that bars the public sector from using Google's cloud services. Meanwhile, India is already telling companies that they need to setup local servers rather than make use of US servers if they want to do business in India.

This issue is important on a number of levels, but technology companies, who rely on a global audience, should be standing up and loudly protesting the NSA's broad surveillance, because it's going to hit their bottom lines hard. The administration and the NSA are directly making it difficult for US internet companies to be global enterprises, at a time when that's exactly what we need. Is it really worth sacrificing one of the few growing and dynamic industries that the US has these days, based on some vague and unproven claims that the government "needs" all of this info? It seems like a massive cost for almost no benefit.

Re:

Well, since Clapper said (emphasis added):

"The dissemination of information “incidentally intercepted” about a U.S. person is prohibited unless it is “necessary to understand foreign intelligence or assess its importance, is evidence of a crime, or indicates a threat of death or serious bodily harm."

Re:

6. Effective Line Item Veto of the Declaration of Independence

(strike)

That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness. Prudence, indeed, will dictate that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn, that mankind are more disposed to suffer, while evils are sufferable, than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security. ...

Great job people. Between destroying the tech industry, enforcing monopolies and disseminating distrust over the openess and transparency of the internet, right when repressive governments all over the world want to implement their own monitoring technologies, coypled with the recent advances on drones, wireless data monitoring and artificial inteligence and artificial organs, we gonna be on a cyberpunk scenario right on schedule by 2032.

Re: Re: Re:

Unless this is the intent....

I read somewhere that the NSA doesn't have the same oversight (what little there is) when they monitor from a facility on foreign soil. Wouldn't that mean that if they drove all IT offshore, they would potentially have MORE access, not less?

Re: Unless this is the intent....

Nah, they have a better way.

For a long, long time, spy agencies have circumvented the prohibitions on domestic spying by engaging in information exchanges with allies. For example, we spy on British citizens, Britain spies on our citizens, and then we exchange the data.

Why would India require local servers?

I don't see that in any way keeping the country safe from Prism. It's not like it'd be any harder for Google to sftp US agents data from Indian servers.
The more likely reasons are:
a) India would like in on this citizen snooping, and/or
b) India is trying to drum up business for its hosting/electricity providers.

This is nothing new -- they've been speculating about the potential risks inherent with cloud computing, specifically with so much data accessible by one country (USA). It took leaks about the NSA's PRISM program for others to wake up to reality.

That being said, I would imagine that if the US is monitoring its cloud servers, other countries such as China and Russia are doing likewise.

Widespread encryption versus current business models

If this revelation would cause people to adopt encryption widely (for example, browser plugins for encrypting and decrypting webmail), lots of companies (e.g., Google) would end up losing access to a lot of data.

but at least the UK will carry on dealing with the USA. they're too fucking scared to stop! they've already taken over as the worst 'democratic' country to be in as far as internet censorship is concerned. with more websites being blocked a few days ago, then the proxy sites themselves being blocked as well as the sites set up through the proxies, there is a move to now go after even more. and as in the US, no defense is allowed, even not notification, from what i understand, until it's too late! the idea seems to be to get control of the internet but rather than doing it the sensible way, the easier, cheaper way by listening to and giving customers what they ask for, the industries want to carry on closing down web sites. add in the surveillance that these industries keep trying to get implemented via new laws that bought off politicians just wave the flag at so no objections occur, these industries are laughing! once they get the surveillance in place, under the pretense of wanting to stop copyright infringement, then the US government can take over. the fact that they have just been caught with both hands in the cookie jar wont matter. the entertainment industries will get the blame and the government will be watching everyone, everywhere, doing everything. win-win situation for them, shit street for the people!

Re: Read this article

It's funny to read that article, and even funnier when you check out your cookie count from visiting Techdirt.

My computer shows 24 cookies or cookie parts from Techdirt, and over 80 from third parties - just from visiting this site in a regular basis. You don't think that this data is being tracked and used?

Perhaps it's time for Techdirt and Floor64 to take a real stand here, and ban all the third party cookies, tracking, and other data collection tools used on this site. I am sure that would improve the page load speed as well.

Yet another article

U.S. Agencies Said to Swap Data With Thousands of Firms - Bloomberg: "Thousands of technology, finance and manufacturing companies are working closely with U.S. national security agencies, providing sensitive information and in return receiving benefits that include access to classified intelligence, four people familiar with the process said."

Another article

Another writer looking beyond government and focusing on data collection in general.

Americans' Fickle Stance on Data Mining and Surveillance - Zachary Karabell - The Atlantic: "The most voracious collectors of information are not the U.S. government nor China. They are the companies doing business online. The metadata that the NSA wants is also metadata every marketer at every company wants. That makes the data collected online about each of us by companies every bit as intrusive as what the NSA collected. After all, some of the data the NSA collected came from companies such as Google and Facebook. ...

"Privacy, therefore, isn't nearly as valuable to us as the current outcry over the NSA would suggest. Until we address our rather schizophrenic attitudes - take my data if you're Facebook; leave it alone if you're the government - we're unlikely to come up with coherent policies that draw those vital lines between security, privacy and freedom that we claim to hold so dear."

Re: Re: Another article

The issue of privacy is really control. When we say we desire privacy, we're really saying that we desire the right to control who has access to the data we generate.

I agree. But what I think the articles I have posted collectively suggest is that the issue is fairly complex and deserves to be discussed in that way.

My point has been that tech companies have created the data-mining technologies and have been happy to both use it and to sell it, often working directly with government agencies. So it isn't a simple matter to point to government as the bad guy and everyone else as good guys because they are private companies. There are a lot of players in this area, and many companies are quite happy to take government money and aren't necessarily planning to prevent government from using either their data or their services.

Re: Re: Re: Another article

The only place where we might differ (and it's only a little bit) is that I think the responses to government spying and corporate spying can't be the same. However, a response to both is needed.

The whole thing is clouded by the fact that we live in an effective corporatocracy right now, so it's pretty hard to find the dividing line between private and public action in some of these areas.

I don't think we can be really effective in addressing privacy issues (or many other critical issues, for that matter) until we can disentangle business and government. This entanglement is what I'm referring to when I refer to our government being corrupt.

Re: Re: Data garnered by private enterprise and the government

I'm getting caught up on some of my reading from last week. Here's an illustration of how private companies are collecting info on you.

It's very difficult to avoid surveillance/monitoring by private companies unless you drop out of society altogether.

Companies scramble for consumer data - FT.com: "As basic information on consumers becomes ubiquitous, data brokers are tracking down even more details. For $0.26 per person, LeadsPlease.com sells the names and mailing addresses of people suffering from ailments such as cancer, diabetes and clinical depression. The information includes specific medications including cancer treatment drug Methotrexate and Paxil, the antidepressant, according to price details viewed by the FT."

Letting private companies do whatever they want

If the goal of some is to reduce government regulations/restrictions to a minimum, then presumably private companies are more free do whatever they want. And some of them will do whatever they want in terms of collecting data.

Re: Letting private companies do whatever they want

If the goal of some is to reduce government regulations/restrictions to a minimum, then presumably private companies are more free do whatever they want.

This is why I am in favor of greater (and smarter) regulation of business practices. We have had a few periods of lax or no regulation of business in our history, and the result is always the same: businesses become abusive, predatory, and dangerous.

Re: Re: Letting private companies do whatever they want

This is why I am in favor of greater (and smarter) regulation of business practices. We have had a few periods of lax or no regulation of business in our history, and the result is always the same: businesses become abusive, predatory, and dangerous.

We agree. I am wary of an "anything goes as long as it is a private company" mentality. That's why I keep posting the extent to which profit drives monitoring and data collection/sales in this country.

I'm still a supporter of the concept of government. I just want it to be better government. In my mind, government can range from local co-ops to global organizations. So I don't believe "government" is inherently good or bad.